I seem to be finding bugs left and right. I am using PDO to protect against SQL injection attacks. It takes all parameters that I pass in, and makes certain that the correct SQL statement is created to run against a MySQL database. The latest bug that I ran into is PHP Bug #40740. It is converting integers to strings, and breaking on paging results using the “limit” keyword. Unfortunately, the bug is over 2.5 years old and looks as though it will never be fixed, but plenty of people are complaining about it. I’ll have to find a work-around.
posted by Dedric Mauriac on Woodbridge using a blogHUD : [blogHUD permalink]
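
One common way to work around the behaviour described in the post while keeping the paging values parameterized, shown as an added example that is not code from the original post: bind the `LIMIT` values with an explicit integer type instead of passing them to `execute()`. The `articles` table, its columns, the `fetchPage()` helper, the DSN and the credentials are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: the `articles` table and its columns are assumptions.
function fetchPage(PDO $pdo, string $author, int $page, int $perPage = 20): array
{
    // Clamp paging values so a buggy or hostile caller cannot request huge pages.
    $perPage = max(1, min($perPage, 100));
    $offset  = max(0, $page - 1) * $perPage;

    $stmt = $pdo->prepare(
        'SELECT id, title FROM articles WHERE author = :author
         ORDER BY id LIMIT :offset, :count'
    );

    // Failing form:
    //   $stmt->execute([':author' => $author, ':offset' => $offset, ':count' => $perPage]);
    // execute() treats every array value as a string, so with emulated prepares
    // MySQL receives LIMIT '0', '20' and rejects the statement.

    // Work-around: bind each value with an explicit type. $offset and $perPage
    // are already PHP ints because of the typed signature and strict_types.
    $stmt->bindValue(':author', $author, PDO::PARAM_STR);
    $stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
    $stmt->bindValue(':count', $perPage, PDO::PARAM_INT);
    $stmt->execute();

    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Placeholder DSN and credentials (constructed values), replace with your own.
$pdo = new PDO(
    'mysql:host=localhost;dbname=example;charset=utf8mb4',
    'app_user',
    'app_password',
    [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]
);

// Second page of ten rows for a constructed author name.
print_r(fetchPage($pdo, 'alice', 2, 10));
```

Concatenating the paging numbers into the SQL string would also avoid the quoting problem, but it gives up the injection protection the post is using PDO for.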